Friday, June 3, 2016

EFF Joins Coalition Opposing Dangerous CFAA Bill

EFF and over a dozen other organizations are urging U.S. lawmakers to oppose a dangerous bill proposed by Sens. Sheldon Whitehouse and Lindsey Graham that would make the already-flawed Computer Fraud and Abuse Act (CFAA) worse. The joint letter sent Wednesday explains that the legislation fails to address any of the CFAA’s problems while simply creating more confusion. Although the proposal is ostensibly directed at stopping botnets, it includes various provisions that go far beyond protecting against such attacks.

The senators proposed an almost identical bill last year. And just like last year, they may try to sneak their proposal through as an amendment to the Email Privacy Act. Last year, the tried this tactic with the Cybersecurity Information Sharing Act of 2015, but they ultimately failed due to widespread opposition.

Since the death of activist and Internet pioneer Aaron Swartz three and a half years ago, people from across the political spectrum have urged Congress to reform the CFAA. It’s an outdated and draconian law, with harsh penalties for “crimes” that result in little or no economic harm. And the Justice Department has interpreted the statute’s vague language to criminalize violations of terms of use—an interpretation that turns virtually every Internet user into a criminal.

Sens. Whitehouse and Graham’s proposal will take things in the wrong direction. The CFAA should be reigned in, not expanded, to make sure it is used for the purpose originally intended by Congress: to target malicious criminals who break into computer systems and cause real harm and economic damage.

That’s why we joined our friends in asking the Senate to oppose the Whitehouse/Graham proposal—whether as a standalone bill or as an amendment to the Email Privacy Act.

You can read the full text of the letter below (footnotes omitted) or access a PDF of the original letter here.